Cyber Resiliency Minimizing the impact of breaches on business continuity Jean-Michel Lamby Associate Partner - IBM Security Brussels Think Brussels / Cyber Resiliency / Oct 4, 2018 / 2018 IBM Corporation
Global Risks that have a macro- impact across sectors. Boards across the globe need to consider how key business parameters will be influenced by these risks in view of mitigations implemented. In terms of Cyberattacks, preparedness presents a significant opportunity to derisk the business. However a coherent strategy and understanding of underlying issues is lacking, as the impact is not fully understood at the Board Level. Business Impact 4.8-15% * Stock Value Erosion post Cyberattack / Data Breach Source: World Economic Forum, Davos 2018 Source: Cyber Value Connection
Cyber Resilience Market Summary Top 5 Threats of 2018 1 : 1. Cyber attack 2. Data breach 3. Unplanned IT outage 4. Interruptions to utility supply 5. Adverse weather 1 BCI Horizon Scan Report 2018 Business impact of cyber attacks and data breaches is very high $3.86 million average cost of a data breach 1 $350.44 million average cost of a mega data breach 2 Damaged brand reputation, loss of trust 1,2 Ponemon Institute 2018 Cost of Data Breach Study Cyber Risk is a C-Suite Priority: New worry for CEO, CIO and CISO: A career-ending cyberattack Mitigating cyber risks is now a top boardroom agenda 1 1 KPMG CEO Outlook 2017 Analysts predict increased attacks and higher security and DR spending 27.9% average probability of material breach in the next 24 months 1 $96 billion security spending in 2018 2 $12.5 billion DRaaS market by 2022 3 1 Ponemon Institute 2018 Cost of Data Breach Study 2 Gartner 3 Markets and Markets
Most companies already have taken ample measures to protect themselves from the most common cyber disruptors. Top 5 causes of cyber disruptions 61% Phishing and social engineering 45% Malware 37% Spear-phishing attack 24% Denial of service 21% Out-of-date software
The cost of cyber attacks is more than 3x the cost of natural disasters. In addition, cyber attacks occur everywhere, also in areas that are generally safe from natural disasters. Organisations are unprepared 68% 66% 69 days 197 days Lack the ability to remain resilient in the wake of a cyber attack Suffer from insufficient planning and preparedness Average amount of time organisation need to contain a cyber attack. Average amount of time hackers spend inside IT environments before discovery
Double hit Cyber Resilience Specifics Re-occurence Two fights What else? RPO? RTO? MARC?
New Cyber Resilience Combined Capabilities
IBM Strategy: Cyber Resiliency Framework Identify Identify your risks and Cyber Resiliency Maturity level Protect by discovering vulnerabilities before they are exploited Recover Protect Detect unknown threats with advanced analytics Respond with a Plan to cyber outbreaks Respond Detect Recover access to critical data and applications Cyber Resiliency lifecycle based on the industry standard NIST Cybersecurity framework
IBM Cyber Resiliency Assessment We can also help you take a step back and make an assessment of your current readiness and to define a practical, actionable and roadmap to support your improvement objectives.
Cyber incident recovery for platform enables fast restoration of services by replicating a golden copy of server and device configuration data to air-gap protected immutable storage.
Cyber incident recovery for data enables fast recovery against cyberattacks by protecting data through the use of air-gapped and immutable storage while orchestrating fast recovery at the DR site.
Orchestration / Automation Complete DR lifecycle automation Software Defined Resiliency Intelligent Workflow Single Dashboard Hybrid environment Data Centres Private Cloud Public Cloud IoT The Cyber Security Breaches Survey 2018, published by the UK Government, found that while most organizations see cyber security as a high priority, only 20 % of staff members had any formal training to deal with a cyber attack. Hybrid environment, comprising several locations that all may be impacted simultaneously by a cyber attack, necessitates an orchestrated recovery of all locations at once. This in contrast with traditional disaster recovery where disasters tend to be well contained in one location.
Thank you Jean-Michel Lamby Associate Partner Jean-Michel.Lamby@be.ibm.com +32 471 35 21 34 ibm.com Think Brussels /Cyber Resiliency / Oct 4, 2018 / 2018 IBM Corporation 13
Think CityName / DOC ID / Month XX, 2018 / 2018 IBM Corporation 14